Informacje o stanowisku

This key role will provide ongoing assessment for newly identified vulnerabilities and respond to business-driven queries regarding potential false positives, vulnerability findings, sensitive data types, and guidance on mitigation strategies.



The primary deliverable is ensuring all newly discovered vulnerabilities undergo the correct risk assessment process, enabling the company to present a clear risk profile to senior stakeholders via automated reporting.



Your tasks

1. Assess all newly discovered vulnerabilities to confirm that the assigned risk score accurately reflects the risk to the company.
2. Review repositories to identify sensitive information and secret data types.
3. Monitor external threat feeds to detect new risks.
4. Manage the review of assigned JIRA tickets, evaluate potential false positives or mitigation approaches, and provide expert advice on remediation.
5. Document patterns for remediation and false positive identification in central tools and apply them across the organizations threat landscape.
6. Support urgent threat review sessions and act as deputy chair when required.
7. Collaborate with internal teams, including the Head of Vulnerability Management Operations, to align actions with the companys risk appetite and expected responses.
8. Undertake ad hoc tasks, such as supporting CSAT operational activities, handling escalations, and addressing team requests.

1. Minimum of 4 years of experience in application security.
2. Proficiency in vulnerability management tools (e.g., Checkmarx, Netsparker), DAST & SAST, GitHub, Stash, and data platforms.
3. Knowledge of OWASP, CVE, CWE, cryptography, secret management, and security protocols.
4. Strong understanding of Python and Java.
5. Analytical skills for timely risk evaluation of vulnerabilities.
6. Self-motivation, organizational excellence, proactivity, and strong ethical values.
7. Residing in Poland required.

Szczecin - Oferty pracy w okolicznych lokalizacjach